Package org.apache.hadoop.hbase.security.access

Class ZKPermissionWatcher

java.lang.Object

org.apache.hadoop.hbase.zookeeper.ZKListener

org.apache.hadoop.hbase.security.access.ZKPermissionWatcher

All Implemented Interfaces:

Closeable, AutoCloseable

@Private
public class ZKPermissionWatcher
extends ZKListener
implements Closeable

Handles synchronization of access control list entries and updates throughout all nodes in the cluster. The AccessController instance on the _acl_ table regions, creates a znode for each table as /hbase/acl/tablename, with the znode data containing a serialized list of the permissions granted for the table. The AccessController instances on all other cluster hosts watch the znodes for updates, which trigger updates in the AuthManager permission cache.

Field Summary

Fields

Modifier and Type	Field	Description
(package private) static final String	ACL_NODE
private final String	aclZNode
private final AuthManager	authManager
private Future<?>	childrenChangedFuture
private final ExecutorService	executor
private final CountDownLatch	initialized
private static final org.slf4j.Logger	LOG

Fields inherited from class org.apache.hadoop.hbase.zookeeper.ZKListener

watcher

Constructor Summary

Constructors

Constructor	Description
ZKPermissionWatcher(ZKWatcher watcher, AuthManager authManager, org.apache.hadoop.conf.Configuration conf)

Method Summary

Modifier and Type	Method	Description
private Future<?>	asyncProcessNodeUpdate(Runnable runnable)
void	close()
void	deleteNamespaceACLNode(String namespace)	Delete the acl notify node of namespace
void	deleteTableACLNode(TableName tableName)	Delete the acl notify node of table
void	nodeChildrenChanged(String path)	Called when an existing node has a child node added or removed.
void	nodeCreated(String path)	Called when a new node has been created.
void	nodeDataChanged(String path)	Called when an existing node has changed data.
void	nodeDeleted(String path)	Called when a node has been deleted
private void	refreshAuthManager(String entry, byte[] nodeData)
private void	refreshNodes(List<ZKUtil.NodeAndData> nodes)
void	start()
private void	waitUntilStarted()
void	writeToZookeeper(byte[] entry, byte[] permsData)	Write a table's access controls to the permissions mirror in zookeeper

Methods inherited from class org.apache.hadoop.hbase.zookeeper.ZKListener

getWatcher

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

LOG

private static final org.slf4j.Logger LOG

ACL_NODE

static final String ACL_NODE

See Also:

• Constant Field Values

authManager

private final AuthManager authManager

aclZNode

private final String aclZNode

initialized

private final CountDownLatch initialized

executor

private final ExecutorService executor

childrenChangedFuture

private Future<?> childrenChangedFuture

Constructor Details

ZKPermissionWatcher

public ZKPermissionWatcher(ZKWatcher watcher,
 AuthManager authManager,
 org.apache.hadoop.conf.Configuration conf)

Method Details

start

public void start()
           throws org.apache.zookeeper.KeeperException

Throws:

org.apache.zookeeper.KeeperException

close

public void close()

Specified by:

close in interface AutoCloseable

Specified by:

close in interface Closeable

waitUntilStarted

private void waitUntilStarted()

nodeCreated

public void nodeCreated(String path)

Description copied from class: ZKListener

Called when a new node has been created.

Overrides:

nodeCreated in class ZKListener

Parameters:

path - full path of the new node

nodeDeleted

public void nodeDeleted(String path)

Description copied from class: ZKListener

Called when a node has been deleted

Overrides:

nodeDeleted in class ZKListener

Parameters:

path - full path of the deleted node

nodeDataChanged

public void nodeDataChanged(String path)

Description copied from class: ZKListener

Called when an existing node has changed data.

Overrides:

nodeDataChanged in class ZKListener

Parameters:

path - full path of the updated node

nodeChildrenChanged

public void nodeChildrenChanged(String path)

Description copied from class: ZKListener

Called when an existing node has a child node added or removed.

Overrides:

nodeChildrenChanged in class ZKListener

Parameters:

path - full path of the node whose children have changed

asyncProcessNodeUpdate

private Future<?> asyncProcessNodeUpdate(Runnable runnable)

refreshNodes

private void refreshNodes(List<ZKUtil.NodeAndData> nodes)

refreshAuthManager

private void refreshAuthManager(String entry,
 byte[] nodeData)
                         throws IOException

Throws:

IOException

writeToZookeeper

public void writeToZookeeper(byte[] entry,
 byte[] permsData)

Write a table's access controls to the permissions mirror in zookeeper

deleteTableACLNode

public void deleteTableACLNode(TableName tableName)

Delete the acl notify node of table

deleteNamespaceACLNode

public void deleteNamespaceACLNode(String namespace)

Delete the acl notify node of namespace